A success exploit of this vulnerability allows an attacker to access sensitive information inside the protected memory regions. Such information may include passwords, emails and documents. Those data are most likely to appear in plaintext in memory when being processed by the OS and applications. Because the OS level memory isolation is usually considered trustworthy. And this time, it broke.

The attack surface exists on both client side and server side. The possible attack scenarios includes attacking the cloud-based shared hosting, attacking the client side with web based JavaScript, and it can also used as a supportive way to launch a memory corruption vulnerability exploit, to bypass the Kernel level ASLR protection.

One lucky thing is, the attackers for this vulnerability would be "passive" and "read-only", comparing to an actively exploited RCE vulnerability.

Am I affected?

The answer is most likely to be Yes -

The chip vendors Intel, AMD and ARM are affected.

Windows, Linux (Android included) and macOS are affected

Cloud service vendors such as AWS and AliCloud are affected

Microsoft has also released a PowerShell script to detect whether a Windows system is affected here.

How can I get protected?

Patching this vulnerability is more difficult than usual: It happens on hardware level, affects multiple platforms, including varies version of mobile and IoT devices. The current patch on Linux and Windows will incur a 5-30% performance hit on Intel products.

Please keep updated on the newly released patches and apply them when available, or to confirm with your service provider that they have updated to the latest patch. Big vendors are already giving feedback about their patching status:

The Meltdown and Spectre are side channel attacks in the memory level, which won't leave logs like other exploits targeting specific services. While the attacks and malwares can still be detected and intercepted via network traffic.

SonicWall Capture Labs Threat Research team is keep monitoring the newly emerged exploits and malwares for this vulnerability. The following signatures are already developed to identify and stop the attacks: